[NTLUG:Discuss] Sudo

MadHat madhat at unspecific.com
Mon Feb 18 21:40:31 CST 2002 

On Mon, 2002-02-18 at 19:08, Bobby Sanders wrote:
> --On 18 Feb 2002 11:31:40 -0600, MadHat <madhat at unspecific.com> said:
> 
>    M:BS> On Mon, 2002-02-18 at 11:20, Bobby Sanders wrote: RH 6.2 KDE.
>    M:BS> I have configured sudo to allow me to run kppp when I am
>    M:BS> logged in under my regluar user name.  However, I can only
>    M:BS> run kppp if I first open a terminal and do su -.  As long as
>    M:BS> I follow this procedure, kppp works from the command line and
>    M:BS> the icon.  Otherwise it won't.
> 
>    M:BS> Why is this?
> 
> Thanks for the response, MH.
> 
>   M> I am not completely following,
> 
> Sorry about not being more precise.
> 
>   M> but sudo is run as "sudo
>   M> programname" then it will prompt for a password, unless you use
>   M> the NOPASSWD, then it just runs.  as root, do a visudo to edit
>   M> the /etc/sudoers file. Make sure you have a line that looks
>   M> something like
>  
>   M> <username> NOPASSWD: /usr/bin/kppp
> 
> The relevant portion of my /etc/sudoers is:
> 
> User_Alias      PPP = u1, u2, u3
> 
> PPP     ALL = NOPASSWD: /usr/bin/kppp
> 
> This seems to comply with the examples in the man page.
> 
> It seems to me that this says that all of three of the members of PPP
> can run /usr/bin/kppp, without a password, from any host.  Am I
> missing something here?
> 
>   M> and it should work (assuming you don't want it prompting you for
>   M> a passwd).
> 
> I don't.
> 
>   M> Now depending on how your X is configured, there may be an issue
>   M> with xauth or xhost allowing root to run a x window on your x
>   M> session (as in the user's X session).
> 
> Although I am very weak on X configuration, as with most things, it
> appears that mine is configured so that anyone can do a su - in a
> terminal window, if they know root's password.
> 
>   M> One way to see where the problem is, is to tell kppp to run in a
>   M> terminal (one of the options on the properties of the Icon) and
>   M> it should echo any errors where you can see them.
> 
> I've tried this.  If I first open a terminal window and do an su -,
> responding to the password prompt, of course, then open another xterm
> and do kppp, all works fine, i.e. no prompt for a password.  However,
> it I am not loged in as root in another term and then do kppp, I am
> prompted for the root password.  It appears that I should not be
> prompted for the password if the program is following the instructions
> set forth in /etc/sudoers.

type
sudo kppp
and nothing else...  see if that works.

> 
> Bobby
> 
> 
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
> 
-- 
MadHat at Unspecific.com
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98
Key fingerprint = E786 7B30 7534 DCC2 94D5  91DE E922 0B21 9DDC 3E98

More information about the Discuss mailing list